RSS Feed

What are some common “intrusion signatures”?

By

admin

Published: March 18, 2010Posted in: NIDSTags: attacks, attempts, crash, denial-of-service, DNS zone transfers, e-mail recons, exploits, intruder, machine, overload network links, overloaded the CPU, ping sweeps, port scans, public web servers, reconnaisance, service, TCP, UDP

There are three types of attacks:

reconnaisance These include ping sweeps, DNS zone transfers, e-mail recons, TCP or UDP port scans, and possibly indexing of public web servers to find cgi holes.

exploits Intruders will take advantage of hidden features or bugs to gain access to the system.

denial-of-service (DoS) attacks Where the intruder attempts to crash a service (or the machine), overload network links, overloaded the CPU, or fill up the disk. The intruder is not trying to gain information, but to simply act as a vandal to prevent you from making use of your machine.

Related Blogs

No related posts.

Related posts brought to you by Yet Another Related Posts Plugin.

About the Author

7 Comments

Avery Clemson

Posted April 13, 2010 at 9:59 PM

Good Site.
Excellent. Thanks so much for the post. -Kate

Posted April 17, 2010 at 3:46 AM

Excellent. Thanks so much for the post. -Kate
SkeseeVer

Posted April 24, 2010 at 1:42 PM

I risk to seem the layman, but nevertheless I will ask, whence it and who in general has written?
Carylon Everman

Posted April 28, 2010 at 8:14 AM

what goes up, has to come down?
Althea Hillburg

Posted April 29, 2010 at 1:34 PM

Great posts! I really like it.
Henry Connerly

Posted July 24, 2010 at 3:53 PM

wow, awesome blog article.Much thanks again. Really Great.

Trackbacks / Pings

Time Synchronisation

Leave a Reply

Categories
- Internet
- NIDS
Featured Stories
- What are some common “intrusion signatures”?
  18 March 2010 6:47 AM | 7 Comments
  There are three types of attacks: reconnaisance These include ping sweeps, DNS zone transfers, e-mail recons, TCP or UDP port scans, and possibly indexing of public web servers to find cgi holes. exploits Intruders will take advantage of hidden features or bugs to gain access to the system. denial-of-service (DoS) attacks Where the intruder attempts to crash a [...]
  Read More
- What is a typical intrusion scenario?
  18 March 2010 6:44 AM | No Comments
  A typical scenario might be: Step 1: outside reconnaissance The intruder will find out as much as possible without actually giving themselves away. They will do this by finding public information or appearing as a normal user. In this stage, you really can’t detect them. The intruder will do a ‘whois’ lookup to find as much [...]
  Read More
- How do intruders get passwords?
  18 March 2010 6:41 AM | No Comments
  Intruders get passwords in the following ways: Clear-text sniffing: A number of protocols (Telnet, FTP, HTTP Basic) use clear-text passwords, meaning that they are not encrypted as the go over the wire between the client and the server. A intruder with a protocol analyzer can watch the wire looking for such passwords. No further effort is [...]
  Read More
- Why can intruders get into systems?
  18 March 2010 6:35 AM | No Comments
  Software always has bugs. System Administrators and Programmers can never track down and eliminate all possible holes. Intruders have only to find one hole to break in. 1 Software bugs Software bugs are exploited in the server daemons, the client applications, the operating system, and the network stack. Software bugs can be classified in the [...]
  Read More
- How do intruders get into systems?
  18 March 2010 6:28 AM | No Comments
  The primary ways a intruder can get into a system: Physical Intrusion If a intruders have physical access to a machine (i.e. they can use the keyboard or take apart the system), they will be able to get in. Techniques range from special privileges the console has, to the ability to physically take apart the system [...]
  Read More
Recent Posts

Powered by Yahoo! Answers